Paul Vixie: Re: [dns-operations] DNS issue accidentally leaked?

bmanning at bmanning at
Sat Jul 26 22:15:50 UTC 2008

On Sat, Jul 26, 2008 at 05:47:54PM -0400, Sean Donelan wrote:
> On Sat, 26 Jul 2008, bmanning at wrote:
> >	there you go.  the massive effort to patch would likley have
> >	better been spent to actually -sign- the stupid zones and
> >	work out key distribution.  but no... running around like
> >	the proverbial headless chicken seems to get the PR.
> Maybe someone could publish a blacklist of vulnerable recursive
> name servers, and then F-Root, the other root name servers,
> and other "popular" sites could start refusing to answer queries
> from vunerable name servers until after the blacklist operator decides 
> they've patched their recursive server sufficiently?
> Maybe that would get their attention and encourage them to apply
> resources to the problem?
> Extreme situations justify extreme measures; or how extreme do
> you believe justifies what measures?

	Knock yourself out Sean.


More information about the NANOG mailing list